{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-7405", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2016-c5ec2c17e6", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LT3WU77BRUJREZUYQ3ZQBMUIVIVIND4Y/" }, { "name": "[oss-security] 20160907 ADOdb PDO driver: incorrect quoting may allow SQL injection", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/09/07/8" }, { "name": "92969", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92969" }, { "name": "https://github.com/ADOdb/ADOdb/issues/226", "refsource": "CONFIRM", "url": "https://github.com/ADOdb/ADOdb/issues/226" }, { "name": "GLSA-201701-59", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-59" }, { "name": "[oss-security] 20160915 Re: ADOdb PDO driver: incorrect quoting may allow SQL injection", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/09/15/1" }, { "name": "https://github.com/ADOdb/ADOdb/blob/v5.20.7/docs/changelog.md", "refsource": "CONFIRM", "url": "https://github.com/ADOdb/ADOdb/blob/v5.20.7/docs/changelog.md" }, { "name": "https://github.com/ADOdb/ADOdb/commit/bd9eca9f40220f9918ec3cc7ae9ef422b3e448b8", "refsource": "CONFIRM", "url": "https://github.com/ADOdb/ADOdb/commit/bd9eca9f40220f9918ec3cc7ae9ef422b3e448b8" } ] } }